merge 0.9.7b with local changes; crank majors for libssl/libcrypto

1 files changed, 73 insertions, 0 deletions

diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
index f5c897bdbb..f128ee5a68 100644
--- a/src/lib/libcrypto/engine/hw_cswift.c
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -121,6 +121,10 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
                 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 #endif
 
+/* RAND stuff */
+static int cswift_rand_bytes(unsigned char *buf, int num);
+static int cswift_rand_status(void);
+
 /* The definitions for control commands specific to this engine */
 #define CSWIFT_CMD_SO_PATH              ENGINE_CMD_BASE
 static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
@@ -183,6 +187,18 @@ static DH_METHOD cswift_dh =
         };
 #endif
 
+static RAND_METHOD cswift_random =
+    {
+    /* "CryptoSwift RAND method", */
+    NULL,
+    cswift_rand_bytes,
+    NULL,
+    NULL,
+    cswift_rand_bytes,
+    cswift_rand_status,
+    };
+
+
 /* Constants used when creating the ENGINE */
 static const char *engine_cswift_id = "cswift";
 static const char *engine_cswift_name = "CryptoSwift hardware engine support";
@@ -208,6 +224,7 @@ static int bind_helper(ENGINE *e)
 #ifndef OPENSSL_NO_DH
                         !ENGINE_set_DH(e, &cswift_dh) ||
 #endif
+                        !ENGINE_set_RAND(e, &cswift_random) ||
                         !ENGINE_set_destroy_function(e, cswift_destroy) ||
                         !ENGINE_set_init_function(e, cswift_init) ||
                         !ENGINE_set_finish_function(e, cswift_finish) ||
@@ -242,6 +259,7 @@ static int bind_helper(ENGINE *e)
         return 1;
         }
 
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_cswift(void)
         {
         ENGINE *ret = ENGINE_new();
@@ -264,6 +282,7 @@ void ENGINE_load_cswift(void)
         ENGINE_free(toadd);
         ERR_clear_error();
         }
+#endif
 
 /* This is a process-global DSO handle used for loading and unloading
  * the CryptoSwift library. NB: This is only set (or unset) during an
@@ -905,6 +924,60 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
         }
 #endif
 
+/* Random bytes are good */
+static int cswift_rand_bytes(unsigned char *buf, int num)
+{
+        SW_CONTEXT_HANDLE hac;
+        SW_STATUS swrc;
+        SW_LARGENUMBER largenum;
+        size_t nbytes = 0;
+        int acquired = 0;
+        int to_return = 0; /* assume failure */
+
+        if (!get_context(&hac))
+        {
+                CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
+                goto err;
+        }
+        acquired = 1;
+
+        while (nbytes < (size_t)num)
+        {
+                /* tell CryptoSwift how many bytes we want and where we want it.
+                 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
+                 *       - CryptoSwift can only do multiple of 32-bits. */
+                largenum.value = (SW_BYTE *) buf + nbytes;
+                if (4096 > num - nbytes)
+                        largenum.nbytes = num - nbytes;
+                else
+                        largenum.nbytes = 4096;
+
+                swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+                if (swrc != SW_OK)
+                {
+                        char tmpbuf[20];
+                        CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
+                        sprintf(tmpbuf, "%ld", swrc);
+                        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+                        goto err;
+                }
+
+                nbytes += largenum.nbytes;
+        }
+        to_return = 1;  /* success */
+
+err:
+        if (acquired)
+                release_context(hac);
+        return to_return;
+}
+
+static int cswift_rand_status(void)
+{
+        return 1;
+}
+
+
 /* This stuff is needed if this ENGINE is being compiled into a self-contained
  * shared-library. */
 #ifdef ENGINE_DYNAMIC_SUPPORT